执行器/ auditevents端点
默认情况下/ auditevents端点已启用,因此在启动应用程序(并使用应用程序日志中提供的用户名和密码登录)后,您可以看到当前的安全事件,但是当我转到/auditevents端点时什么也看不见:
{
"events": [ ]
}
我的验证码:
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
AuthenticationManager authenticationManager
Authentication authentication = this.authenticationManager.authenticate(
new UsernamePasswordAuthenticationToken(
authenticationRequest.getUsername(),
authenticationRequest.getPassword()
)
);
SecurityContextHolder.getContext().setAuthentication(authentication);
我尝试登录时得到的内容:
{
"timestamp": "2017-06-27T08:20:24.344+0000",
"status": 401,
"error": "Unauthorized",
"exception": "org.springframework.security.authentication.BadCredentialsException",
"message": "Access Denied",
"path": "/authentication"
}
如何将事件记录到/ auditevents?